Microsoft Targets Hackers With New Europe AI Program

Microsoft has launched a new European Security Program aimed at disrupting cybercriminal networks and state-sponsored threat actors operating across the continent. Announced in Berlin on June 4, the initiative targets ransomware groups and nation-state actors from Russia, China, Iran and North Korea. It leverages artificial intelligence to boost threat intelligence sharing with governments in all EU member states, EFTA countries, the UK, Monaco, and the Vatican.

The program integrates AI-powered tools via Microsoft’s Government Security Program and Threat Analysis Center, enhancing detection of tactics such as deepfakes and social engineering. A key component, the Statutory Automated Disruption Program, automates abuse notifications to hosting providers, expediting takedowns of malicious infrastructure.

In a recent operation against the Lumma malware, Microsoft and Europol dismantled over 2,300 command-and-control domains. The company also embedded investigators at Europol’s cybercrime center, expanded efforts in the Western Balkans, and continues to support NGOs through its partnership with the CyberPeace Institute.